LDAP integration: is it feasible to access without the Domain Component?

Last activity on October 1, 2023 - 11:21 4.9k Views 3 Replies Professional ARIS

Pedro Guerrero on November 21, 2018

Hello everyone

Last week we managed to connect ARIS to our customer's Active Directory successfully. Now the windows users can easily access ARIS using <dc>\<windows_user> at the time of logging in.

The customer wants to have all their employees using the <windows_user> without having to type "<dc>\" beforehand. Here's an example

Current situation

Expected situation

From what we've done sor far is that the IT specialist suggested us to uncheck the "Activate multiple LDAP integration" option in Configuration/User Management/LDAP/General Settings. However, it didn't work.

Is there any way to address this?

Thank you very much for your assistance

Kind regards

Pedro.

EDIT: at this moment I have used the option "Activate multiple LDAP integration" unchecked then "Additional Functions" / "Start LDAP Import". After that, I click on a particular user and then I click the "Synchronize with LDAP" button and it's been working on most users.

Now my question is, is there a way to massively synchronize with the LDAP server without going one by one?

Bookmark

Notify Moderator

3 Replies

Reset Password

Pedro Guerrero Author on November 28, 2018 - 16:16

Hello, any news on how to synchronize ARIS with the LDAP at once?

In addition, when clicking the "Synchronize with LDAP" button after choosing a particular user, that user appears duplicated on the UMC: how can we address this issue from the ARIS Connect standpoint?

Thank you in advance for your assistance

Best regards

or register to reply.

M. Zschuckelt on November 28, 2018 - 16:35

Have you tried to do the following on the user list in UMC:

Additional functions -> Start LDAP import.

I am not an expert on these matters. I believe this will execute an LDAP query you configured and synchronize all LDAP users with the LDAP directory. It will also delete users that don't exist in LDAP any more.

I think the reason for the duplication of your user is this:

A user is either controlled (and authenticated) by LDAP or UMC. So if you import a user from LDAP for the first time any user of the same name you created in UMC will remain untouched. The synchronization will only happen with the user originating from the LDAP (also any deletion can only affect users originally imported from LDAP). So best thing is: Delete the UMC user after you synchronized the LDAP one. Usually you don't want UMC users side by side with LDAP users. If you want you can also synchronize user groups and group memberships with LDAP. This way you can maintain those entirely in the LDAP with your existing processes.

Pedro Guerrero Author on November 28, 2018 - 18:59

Thank you very much for your answer, M. Zschuckelt. I will explain this a little better because I forgot to give some details.

At the time we set the parameters on Configuration/User Management/LDAP we connected successfully to our customer's Active Directory
Then we brought all the directory by issuing UMC's Additional functions -> Start LDAP import.

(so far so good)

But when we detected the duplication issue after Syncing with LDAP , we did a test by choosing a random user brought from Active Directory (without any previous equivalent UMC user) and tried syncing with LDAP and after that, this random user appears twice,

I'm not sure if I explained a little better this time. If you have further questions, just let me know and I'll reply shortly.

Again, thank you very much.

Regards